I am trying to programmatically migrate pre WL70 acls and map them to roles using
the Dafault Role Mapper. I tried the syntax generated on the console (configure
role), but I get the exception: admin : SubjectLandAdmin weblogic.entitlement.data.EnCreateException:
Unknown word for 'Caller is member of group SubjectLandAdmin' at position:0
Start server side stack trace:
weblogic.entitlement.data.EnCreateException: Unknown word for 'Caller is member of
group SubjectLand
Admin' at position:0
at weblogic.entitlement.engine.EEngine.createRoles(EEngine.java:414)
at weblogic.security.providers.authorization.DefaultRoleMapperImpl.createRole(DefaultRoleMap
perImpl.java:118)
at java.lang.reflect.Method.invoke(Native Method)
at javax.management.modelmbean.RequiredModelMBean.invoke(RequiredModelMBean.java:1287)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1555)
at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:1523)
at weblogic.management.internal.RemoteMBeanServerImpl.invoke(RemoteMBeanServerImpl.java:920)
at weblogic.management.internal.RemoteMBeanServerImpl_WLSkel.invoke(Unknown
Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:346)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:300)
at weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManager.java:762)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:295)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest.java:30)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:152)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:133)
End server side stack trace
Any help and advice is much appreciated. Ziad--
- Neil
Grp(name) or {Usr(name)}
{Grp(name)}
{Grp(name1)|Grp(name2)}
usr(name) or {usr(name)}
combinations of the above
Is that about right?
That being said, what you have looks basically correct although it is
subject to change at any time without notice.
- Neil